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Cloud security and compliance posture management 


Organizations are rapidly migrating to cloud computing and adopting innovations to 
help with new or existing cloud projects. For some, traversing this path has been a 
multi-year endeavor; others are learning about cloud technologies for the first time 
and discovering a world of possibility. However, with increased possibilities come 
new impacts on the business-the infrastructure, technology, security, and team 
dynamics need to adjust to this evolution. 


While cloud computing leads to more automation, cloud engineering and 
operations teams now require greater visibility of all the moving parts across 

their infrastructure and platforms. This increase in complexity can result in cloud- 
related security incidents because of misconfigurations across storage, network, 
and identity. Furthermore, it can leave DevOps and cloud teams with a trail of 
unmanaged risks across multi-cloud environments in addition to performance, 
compliance, and operational concerns. This creates the perfect storm to negatively 
impact the business’ reputation and bottom line. 














INTRODUCING TREND MICRO CLOUD ONE™ - CONFORMITY 


Conformity enables you to fulfill your side of the shared responsibility model 
with guardrails for your cloud. Providing continuous security, compliance, and 
governance in a cloud-native platform to help you manage misconfigurations of 
cloud resources and strengthen your security posture. 


With almost 1,000 cloud infrastructure configuration checks out of the box, across 
Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platforrm™, your 
cloud services are scanned in real-time. This provides you with visibility of your 
entire cloud environment, your compliance score, contextual insights, and alerts for 
any risks in your cloud infrastructure. 





Nearly all Successful attacks on 
cloud services are as a result of 
misconfiguration, 
mismanagement and mistakes. 
Continuously scanning 
workloads with cloud security 
posture management (CSPM) 
tools, covering identity, network 
and storage configuration, 

is critical in identifying these 
problems. 





“Endpoint and Server Security: 
Common Goals, Divergent 
Solutions” published 01/2021 
ID: G00377795 


Conformity is more than just 
a security tool. It provides me 
with situational awareness 

by giving me a global view 

of everything that | have 
inside my cloud-helping me 
manage it and take action. 


Jason Cradit, 
Principal Cloud Architect, 
1898 & Co. 





HOW DOES CONFORMITY WORK? 





There is nothing to download or deploy. Simply sign up for a 30-day, free trial, connect your cloud account, and in minutes you will 
have a comprehensive view of your cloud security posture. Conformity uses a custom access policy to view your cloud account 
metadata configuration settings-there is no read or write access to your data. 
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WHAT SETS US APART : Fast Facts 


i : -_ e Extensive depth and breadth of 
World-class technology leaders are putting tremendous effort into building the most secure, 


ss P . : f coverage on AWS, Azure, Google 
optimized, resilient, and scalable cloud infrastructure for their businesses. 


Cloud services. 


1. Continuously build your cloud infrastructure to industry best practices : e Nearly 1,000 real-time industry best 
: practice checks. No need to build your 
Guardrails to innovate in the cloud with confidence. Each configuration recommendation in 


Conformity is founded on the design principals of the Well-Architected Frameworks, enabling 

you to create best-of-breed infrastructure and prevents common technical pitfalls. This * Real-time monitoring and alerts. 
ensures your infrastructure is truly benefiting from all of the advantages your cloud services : 
platform offers. : 


own. 


Extremely actionable and easy to use. 


: * Includes remediation guides and auto- 
The Well-Architected Framework is made of up five pillars: security, operational excellence, : remediation. 
reliability, performance efficiency, and cost optimization. Each recommendation and : 











remediation step displays which pillar it supports, giving you assurance that your cloud ¿+ Seamless integrations with key 
infrastructure is configured and deployed securely while your systems and sensitive data : icketing and communication 
are properly protected. Leverage auto-remediation capabilities for any rules you want to be channels like Slack, ServiceNow, Jira, 
automatically addressed. i PagerDuty, Microsoft Teams and 
more. 
* CloudFormation and TerraForm 
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Security Reliability 
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2. Manage compliance at scale in the cloud 


ndustry standards and compliance requirements are constantly changing. Benefit from 
continuous scans against compliance and industry standards in your cloud infrastructure and 
immediately act on high risk policy violations against SOC2, ISO 27001, NIST, CIS, GDPR, PCI 
DSS, GDPR, HIPAA, and more. 


Leverage standardized or custom reports, auditing your infrastructure for misconfigurations 
with an endless combination of filters. Run exportable reports on your cloud environments for 
internal and external audits against benchmark standards. 





3. Democratize cloud operational excellence 


Instill confidence in developers by providing guardrails that enable agile development and a 


secure, optimized cloud infrastructure. The Conformity Knowledge Base is a continually growing 
library containing almost 1,000 step-by-step remediation guides for public cloud infrastructure 


configurations. This empowers developers and engineers to better understand how to build 
superior cloud architecture, regardless of their security or technical expertise. 





This readily available remediation information allows organizations to move quickly with their 
cloud migration, DevOps processes, or other cloud projects without the fear of introducing 
miconfigurations, vulnerabilities, or reliability risks. 
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Trend Micro Cloud One™ 


Conformity Knowledge Base 


Conformity al-time monitoring and auto-remediation for the security, compliance and governance of 
ture. Leaving you to grow and scale your business with confidence with over 750 automated best 
practice checks. 





Knowledge Base 


Along with better visibility, compliance and faster remediation for your cloud infrastructure, Conformity also has a growing public library of 750+ cloud infrastructure 
configuration best practices for your AWS™, Microsoft® Azure, and Google Cloud™ environments. Providing simple, step-by-step resolutions to rectify any security 
vulnerabilities, performance, cost inefficiencies, and reliability risks. This catalogue of cloud guardrails is a core part of Conformity which automatically monitors and auto- 
remediates cloud infrastructure, 


Below are the cloud, services and their associated best practice rules with clear instructions on how to perform the updates - made either through the console or via the 
Command Line Interface (CLI). 
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Key Advantages 


Be secure. 


Complete visibility of your AWS, Azure 
and Google cloud infrastructure with 

a single, multi-cloud dashboard. View 
your risk status and violations with 
clear remediation steps and immediate 
resolution. 


Be compliant. 


Industry standards and compliance 
requirements are constantly changing. 
Benefit from continuous scans against 
compliance and industry standards, 
including the SOC2, NIST, CIS, PCI DSS, 
GDPR, HIPAA, and more. 


Be assured. 





Fully API-enabled automation removes the 
manual, repeititve tasks that are prone to 
human error. Embrace DevOps without 


the fear of misconfiguration introducing 
security gaps to your cloud infrastructure. 














PROACTIVE PREVENTION AND AUTOMATION 

aws partner 
In addition to providing real-time threat monitoring and auto-remediation for your cloud xA network 
environments, you'll quickly realize the value of shifting security and compliance to the earliest 
phase of your CI/CD pipeline. With our Infrastructure as code (laC) template scanning, templates Advanced 
can instantly be run through the Conformity API during the coding process. This will enable Tech nology 
automated, proactive prevention of miconfiguraitons and give you peace of mind that the code Partner 


moving into your cloud infrastructure is fully compliant and aligned to industry best practices. 





Security Competency 
Cloud Management 


Embed the CloudFormation Tools Competency 
Template Scanning API into 
Your CI/CD Pipeline 





GitHub Actions integration to 
scan the laC 
a Q 











Fmt peri cto Having Conformity continuously 
A D monitor our AWS infrastructure 
e Ro and notify us in real time of 
toe o: any critical issues ensures we 
: remain compliant with best 
a" practices, and any potential 





threats to our applications or 
data are resolved before they 
impact our business: 


SET UP CONFORMITY IN MINUTES Team Lead of Information Security, 


Conformity is designed so you can be up and running within minutes. After you have GrubHub 
connected your AWS, Azure, or Google Cloud account, you'll see your overall risk posture 

of your cloud environment. You can replicate rules and communication preferences across 

accounts to give development teams proper security guardrails. 








MEET WORKFLOW AND COMPLIANCE REQUIREMENTS 


Conformity currently integrates with the following communication channels, workflow 
systems, and compliance standards. 
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CONTINUOUS COMPLIANCE MONITORING FOR: Eoo 


For details about what personal information we collect and why, please see 
our Privacy Notice on our website at: https://www.trendmicro.com/privacy 
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And more compliance standards available... 
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